segfault in bird6 #116
Description
Hello,
I noticed that there was too much logging of segfault in dmesg:
[Mon Jan 26 11:28:45 2026] bird6[284930]: segfault at 28 ip 00000000004086a0 sp 00007fffe37a0450 error 4 in bird6[401000+10e000]
[Mon Jan 26 11:28:45 2026] Code: 66 2e 0f 1f 84 00 00 00 00 00 48 8b 7d 00 48 8b 75 08 48 8b 13 48 8b 4b 08 e8 6c a1 02 00 85 c0 75 48 48 8b 43 10 48 8b 55 10 <8b> 40 28 39 42 28 78 3a 75 bb 5b 5d 41 5c c3 90 49 8b 04 24 48 8b
[Mon Jan 26 11:28:46 2026] bird6[284955]: segfault at 28 ip 00000000004086a0 sp 00007ffe1e25dff0 error 4 in bird6[401000+10e000]
[Mon Jan 26 11:28:46 2026] Code: 66 2e 0f 1f 84 00 00 00 00 00 48 8b 7d 00 48 8b 75 08 48 8b 13 48 8b 4b 08 e8 6c a1 02 00 85 c0 75 48 48 8b 43 10 48 8b 55 10 <8b> 40 28 39 42 28 78 3a 75 bb 5b 5d 41 5c c3 90 49 8b 04 24 48 8b
[Mon Jan 26 11:28:47 2026] bird6[284957]: segfault at 28 ip 00000000004086a0 sp 00007ffdd2c4b900 error 4 in bird6[401000+10e000]
[Mon Jan 26 11:28:47 2026] Code: 66 2e 0f 1f 84 00 00 00 00 00 48 8b 7d 00 48 8b 75 08 48 8b 13 48 8b 4b 08 e8 6c a1 02 00 85 c0 75 48 48 8b 43 10 48 8b 55 10 <8b> 40 28 39 42 28 78 3a 75 bb 5b 5d 41 5c c3 90 49 8b 04 24 48 8b
[Mon Jan 26 11:28:49 2026] bird6[284967]: segfault at 28 ip 00000000004086a0 sp 00007fff82abad50 error 4 in bird6[401000+10e000]
[Mon Jan 26 11:28:49 2026] Code: 66 2e 0f 1f 84 00 00 00 00 00 48 8b 7d 00 48 8b 75 08 48 8b 13 48 8b 4b 08 e8 6c a1 02 00 85 c0 75 48 48 8b 43 10 48 8b 55 10 <8b> 40 28 39 42 28 78 3a 75 bb 5b 5d 41 5c c3 90 49 8b 04 24 48 8b
[Mon Jan 26 11:28:50 2026] bird6[284992]: segfault at 28 ip 00000000004086a0 sp 00007ffe5f623150 error 4 in bird6[401000+10e000]
[Mon Jan 26 11:28:50 2026] Code: 66 2e 0f 1f 84 00 00 00 00 00 48 8b 7d 00 48 8b 75 08 48 8b 13 48 8b 4b 08 e8 6c a1 02 00 85 c0 75 48 48 8b 43 10 48 8b 55 10 <8b> 40 28 39 42 28 78 3a 75 bb 5b 5d 41 5c c3 90 49 8b 04 24 48 8b
[Mon Jan 26 11:28:51 2026] bird6[284994]: segfault at 28 ip 00000000004086a0 sp 00007ffc5a99ec40 error 4 in bird6[401000+10e000]
[Mon Jan 26 11:28:51 2026] Code: 66 2e 0f 1f 84 00 00 00 00 00 48 8b 7d 00 48 8b 75 08 48 8b 13 48 8b 4b 08 e8 6c a1 02 00 85 c0 75 48 48 8b 43 10 48 8b 55 10 <8b> 40 28 39 42 28 78 3a 75 bb 5b 5d 41 5c c3 90 49 8b 04 24 48 8b
It turns out bird6 is segfaulting in loop on my calico-node pod
logs from the pod :
bird: Started
bird: device1: State changed to up
bird: direct1: State changed to up
bird: device1: Initializing
bird: direct1: Initializing
bird: device1: Starting
bird: device1: Connected to table master
bird: device1: State changed to feed
bird: direct1: Starting
bird: direct1: Connected to table master
bird: direct1: State changed to feed
bird: Graceful restart started
bird: Graceful restart done
bird: Started
bird: device1: State changed to up
bird: direct1: State changed to up
bird: device1: Initializing
bird: direct1: Initializing
bird: device1: Starting
bird: device1: Connected to table master
bird: device1: State changed to feed
bird: direct1: Starting
bird: direct1: Connected to table master
bird: direct1: State changed to feed
bird: Graceful restart started
bird: Graceful restart done
bird: Started
bird: device1: State changed to up
bird: direct1: State changed to up
The actual code that segfault is here.
I loaded the bird6 binary from the docker image docker.io/calico/cni:v3.30.3 in my disassembler, it points to the said line (tho it believes its in mpnh_insert maybe due to compiler optimizations, but code says mpnh_compare_node).
